Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
File: A5307E284CEF11F092F69C81C4F9AE02.roa (raw, json)
Hash identifier: ssil7SjTurDlxeBBscPAUJTsyrsCuWA39a0ktEouOcI=
Subject key identifier: 98:C6:44:74:5A:71:C2:E4:E1:A2:A5:1F:B9:B5:4A:EB:3A:70:41:C0
Certificate issuer: /CN=A91871C2/serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Certificate serial: 0814
Authority key identifier: A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
Signing time: Sun 01 Mar 2026 18:13:05 +0000
ROA not before: Mon 02 Feb 2026 21:18:43 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 139009
IP address blocks: 14.1.100.0/24 maxlen: 24
14.1.101.0/24 maxlen: 24
14.1.102.0/23 maxlen: 23
14.1.102.0/24 maxlen: 24
14.1.103.0/24 maxlen: 24
103.126.150.0/24 maxlen: 24
103.161.168.0/23 maxlen: 24
202.173.120.0/22 maxlen: 22
202.173.120.0/23 maxlen: 23
202.173.120.0/24 maxlen: 24
202.173.121.0/24 maxlen: 24
202.173.122.0/23 maxlen: 23
202.173.122.0/24 maxlen: 24
202.173.123.0/24 maxlen: 24
2407:d40::/32 maxlen: 32
2407:d40::/36 maxlen: 36
2407:d40::/48 maxlen: 48
2407:d40:f::/48 maxlen: 48
2407:d40:100::/48 maxlen: 48
2407:d40:101::/48 maxlen: 48
2407:d40:102::/48 maxlen: 48
2407:d40:103::/48 maxlen: 48
2407:d40:106::/48 maxlen: 48
2407:d40:107::/48 maxlen: 48
2407:d40:108::/48 maxlen: 48
2407:d40:109::/48 maxlen: 48
2407:d40:10f::/48 maxlen: 48
2407:d40:114::/48 maxlen: 48
2407:d40:122::/48 maxlen: 48
2407:d40:126::/48 maxlen: 48
2407:d40:140::/48 maxlen: 48
2407:d40:142::/48 maxlen: 48
2407:d40:201::/48 maxlen: 48
2407:d40:202::/48 maxlen: 48
2407:d40:203::/48 maxlen: 48
2407:d40:204::/48 maxlen: 48
2407:d40:205::/48 maxlen: 48
2407:d40:206::/48 maxlen: 48
2407:d40:207::/48 maxlen: 48
2407:d40:208::/48 maxlen: 48
2407:d40:8000::/48 maxlen: 48
2407:d40:8004::/48 maxlen: 48
2407:d40:8007::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 31 Mar 2026 21:21:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2068 (0x814)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91871C2, serialNumber=A9EABC2465116ED11D6C8CDAE2011237CF1F59DF
Validity
Not Before: Feb 2 21:18:43 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a481b1-51fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e0:43:00:2d:d4:0e:42:53:c5:fd:c2:c6:4b:
51:67:a2:35:b4:fc:f8:f4:d2:ad:d6:cb:e5:4f:92:
1f:1f:1e:63:5b:c1:4d:b1:94:ef:27:d5:66:64:f3:
44:e9:f1:3c:45:53:01:ce:9f:28:ec:c3:6b:19:f9:
69:92:c2:10:52:ec:83:8a:af:4d:36:44:2d:ed:26:
0e:4c:38:d1:b5:a7:72:c6:c7:33:57:68:6b:94:9d:
31:99:ed:30:15:e3:69:59:4d:f1:ad:e3:08:46:b9:
bb:46:89:b0:3f:21:fc:76:b5:57:cd:49:37:52:d5:
77:9c:14:d6:3b:8b:6c:00:30:fc:7f:35:1e:29:de:
7a:59:2c:29:1b:b5:3f:fb:e4:18:2e:04:e9:b3:8c:
26:90:65:51:25:5b:bb:d7:75:65:03:e2:ba:96:69:
19:8b:09:e5:99:0a:80:d4:25:69:af:96:f9:b8:72:
bd:f3:23:f3:2a:30:9e:a2:c2:1b:a7:37:bb:ed:65:
65:56:b6:82:03:90:5b:f4:81:23:04:b6:53:72:42:
2b:3a:bd:11:db:67:da:fd:a9:f0:02:fc:52:e9:64:
60:04:a3:e2:c3:78:c1:36:a8:87:c1:30:9b:9f:8f:
04:6f:de:0b:de:60:63:fc:18:90:d5:76:fa:94:b2:
f0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C6:44:74:5A:71:C2:E4:E1:A2:A5:1F:B9:B5:4A:EB:3A:70:41:C0
X509v3 Authority Key Identifier:
keyid:A9:EA:BC:24:65:11:6E:D1:1D:6C:8C:DA:E2:01:12:37:CF:1F:59:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/qeq8JGURbtEdbIza4gESN88fWd8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qeq8JGURbtEdbIza4gESN88fWd8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91871C2/DE61666855A911EB99AFDA5DC4F9AE02/A5307E284CEF11F092F69C81C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
14.1.100.0/22
103.126.150.0/24
103.161.168.0/23
202.173.120.0/22
IPv6:
2407:d40::/32
Signature Algorithm: sha256WithRSAEncryption
d6:ba:33:34:01:54:30:b7:e6:a0:4d:29:02:c2:a5:be:71:dd:
28:85:cd:f6:5c:54:77:f0:ad:85:72:31:3f:b6:68:62:c7:23:
8b:e8:48:ad:25:e9:70:00:ad:7a:d1:88:cd:20:f9:5f:c7:61:
6b:a1:c6:c9:71:cc:b5:75:68:e5:d6:57:87:18:2c:52:73:d9:
46:3c:ca:8f:45:06:2d:26:a9:a5:98:f7:e6:cd:94:bb:26:65:
a4:bc:2f:b8:3f:79:67:a0:f6:21:e6:89:8b:7b:39:fa:27:25:
e8:29:e6:5d:eb:a0:47:aa:46:dc:43:5e:04:72:80:65:6a:94:
f9:7c:ae:bb:6d:19:c2:83:ac:3b:9a:ab:5e:f3:ba:99:f9:95:
7f:e3:f0:7d:a1:4d:78:a6:14:bf:5e:6c:af:70:69:d7:cd:f5:
ac:d9:42:87:a4:d7:64:38:77:69:67:0c:1d:2c:31:dc:e5:fd:
c2:42:e3:d5:7e:8d:7b:21:c2:ea:48:ad:61:31:48:39:3f:5a:
fa:4a:6e:e0:29:7b:c0:6e:2f:e0:82:13:52:f2:7d:fc:dd:a7:
a5:fd:ba:70:ab:60:56:07:7c:07:8e:a1:c8:d1:c3:79:b8:da:
c0:14:31:56:e0:22:c6:23:5e:e1:58:6b:ff:95:df:b4:80:2b:
0a:a8:ef:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgICCBQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODcxQzIxMTAvBgNVBAUTKEE5RUFCQzI0NjUxMTZFRDExRDZDOENEQUUyMDExMjM3
Q0YxRjU5REYwHhcNMjYwMjAyMjExODQzWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0ODFiMS01MWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0uBDAC3UDkJTxf3CxktRZ6I1tPz49NKt1svlT5IfHx5jW8FNsZTvJ9VmZPNE
6fE8RVMBzp8o7MNrGflpksIQUuyDiq9NNkQt7SYOTDjRtadyxsczV2hrlJ0xme0w
FeNpWU3xreMIRrm7RomwPyH8drVXzUk3UtV3nBTWO4tsADD8fzUeKd56WSwpG7U/
++QYLgTps4wmkGVRJVu713VlA+K6lmkZiwnlmQqA1CVpr5b5uHK98yPzKjCeosIb
pze77WVlVraCA5Bb9IEjBLZTckIrOr0R22fa/anwAvxS6WRgBKPiw3jBNqiHwTCb
n48Eb94L3mBj/BiQ1Xb6lLLwYQIDAQABo4ICgTCCAn0wHQYDVR0OBBYEFJjGRHRa
ccLk4aKlH7m1Sus6cEHAMB8GA1UdIwQYMBaAFKnqvCRlEW7RHWyM2uIBEjfPH1nf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NzFDMi9ERTYxNjY2ODU1
QTkxMUVCOTlBRkRBNURDNEY5QUUwMi9xZXE4SkdVUmJ0RWRiSXphNGdFU044OGZX
ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FlcThKR1VSYnRFZGJJemE0Z0VTTjg4ZldkOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODcxQzIvREU2MTY2Njg1NUE5MTFFQjk5QUZEQTVEQzRGOUFFMDIvQTUzMDdFMjg0
Q0VGMTFGMDkyRjY5QzgxQzRGOUFFMDIucm9hMEAGCCsGAQUFBwEHAQH/BDEwLzAe
BAIAATAYAwQCDgFkAwQAZ36WAwQBZ6GoAwQCyq14MA0EAgACMAcDBQAkBw1AMA0G
CSqGSIb3DQEBCwUAA4IBAQDWujM0AVQwt+agTSkCwqW+cd0ohc32XFR38K2FcjE/
tmhixyOL6EitJelwAK160YjNIPlfx2FrocbJccy1dWjl1leHGCxSc9lGPMqPRQYt
JqmlmPfmzZS7JmWkvC+4P3lnoPYh5omLezn6JyXoKeZd66BHqkbcQ14EcoBlapT5
fK67bRnCg6w7mqte87qZ+ZV/4/B9oU14phS/XmyvcGnXzfWs2UKHpNdkOHdpZwwd
LDHc5f3CQuPVfo17IcLqSK1hMUg5P1r6Sm7gKXvAbi/gghNS8n383ael/bpwq2BW
B3wHjqHI0cN5uNrAFDFW4CLGI17hWGv/ld+0gCsKqO+s
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:54:04 2026 by rpki-client